diff mbox

[dpdk-dev] vhost: fix use after free

Message ID	1492414024-18413-1-git-send-email-yuanhan.liu@linux.intel.com (mailing list archive)
State	Accepted, archived
Delegated to:	Yuanhan Liu
Headers	From: Yuanhan Liu <yuanhan.liu@linux.intel.com> To: dev@dpdk.org Cc: Maxime Coquelin <maxime.coquelin@redhat.com>, Yuanhan Liu <yuanhan.liu@linux.intel.com> Date: Mon, 17 Apr 2017 15:27:04 +0800 Message-Id: <1492414024-18413-1-git-send-email-yuanhan.liu@linux.intel.com> Subject: [dpdk-dev] [PATCH] vhost: fix use after free Precedence: list Errors-To: dev-bounces@dpdk.org Sender: "dev" <dev-bounces@dpdk.org>

Checks

Context	Check	Description
ci/checkpatch	success	coding style OK
ci/Intel-compilation	success	Compilation OK

Commit Message

Yuanhan Liu April 17, 2017, 7:27 a.m. UTC

  A "return" is missing on error, which could lead to a "use after free"
issue (about var "conn").

Fixes: 65388b43f592 ("vhost: fix fd leaks for vhost-user server mode")
Coverity issue: 143476

Reported-by: John McNamara <john.mcnamara@intel.com>
Signed-off-by: Yuanhan Liu <yuanhan.liu@linux.intel.com>
---
 lib/librte_vhost/socket.c | 1 +
 1 file changed, 1 insertion(+)

Comments

Maxime Coquelin April 18, 2017, 8:20 a.m. UTC | #1

On 04/17/2017 09:27 AM, Yuanhan Liu wrote:
> A "return" is missing on error, which could lead to a "use after free"
> issue (about var "conn").
>
> Fixes: 65388b43f592 ("vhost: fix fd leaks for vhost-user server mode")
> Coverity issue: 143476
>
> Reported-by: John McNamara <john.mcnamara@intel.com>
> Signed-off-by: Yuanhan Liu <yuanhan.liu@linux.intel.com>
> ---
>  lib/librte_vhost/socket.c | 1 +
>  1 file changed, 1 insertion(+)

Reviewed-by: Maxime Coquelin <maxime.coquelin@redhat.com>

Thanks!
Maxime

Yuanhan Liu April 19, 2017, 1:05 a.m. UTC | #2

On Tue, Apr 18, 2017 at 10:20:41AM +0200, Maxime Coquelin wrote:
> 
> 
> On 04/17/2017 09:27 AM, Yuanhan Liu wrote:
> >A "return" is missing on error, which could lead to a "use after free"
> >issue (about var "conn").
> >
> >Fixes: 65388b43f592 ("vhost: fix fd leaks for vhost-user server mode")
> >Coverity issue: 143476
> >
> >Reported-by: John McNamara <john.mcnamara@intel.com>
> >Signed-off-by: Yuanhan Liu <yuanhan.liu@linux.intel.com>
> >---
> > lib/librte_vhost/socket.c | 1 +
> > 1 file changed, 1 insertion(+)
> 
> Reviewed-by: Maxime Coquelin <maxime.coquelin@redhat.com>

Applied to dpdk-next-virtio.

	--yliu

diff mbox

Patch

diff --git a/lib/librte_vhost/socket.c b/lib/librte_vhost/socket.c
index 66fd335..c7f99b0 100644
--- a/lib/librte_vhost/socket.c
+++ b/lib/librte_vhost/socket.c
@@ -242,6 +242,7 @@  struct vhost_user {
 		RTE_LOG(ERR, VHOST_CONFIG,
 			"failed to add fd %d into vhost server fdset\n",
 			fd);
+		return;
 	}
 
 	pthread_mutex_lock(&vsocket->conn_mutex);